Issue localhost development server certificates signed by own Private Certificate Authority in no time.

Use !pric only for development on local hosts. For public hosts consider using Let's Encrypt!

Self-signed certificates cause trust errors and issuing locally-trusted development certificates signed by a real Certificate Authority (CA) can be dangerous or even impossible for the hosts like 127.0.0.1 or localhost.

!pric automatically creates and installs a local CA in the system root store, and generates locally-trusted certificates.

Download !pric sources via browser and unzip archive.

Or just download and untar it with terminal command:

wget -c https://github.com/pric/pric/archive/master.tar.gz -O - | tar -xz

Go to the extracted pric-master directory and execute pric.sh terminal command:

sh pric.sh

This command will:

1. Generate Certificate Authority private key in /usr/local/share/ca-certificates/!pric/ca.key
2. Generate Certificate Authority self-signed certificate in /usr/local/share/ca-certificates/!pric/ca.crt
3. Update operating system Certificate Authority registry
4. Generate localhost private key in ./output/localhost.key
5. Generate localhost certificate signing request in ./output/localhost.csr
6. Generate localhost certificate signed by Certificate Authority in ./output/localhost.crt
7. Compile PEM file in ~/localhost-certificate.pem (required for Reverse proxy for PHP built-in server)

Terminal output:

1. Go to about:preferences in address bar.
2. Search for Certificates and click View Cerficicates button.
3. In Authorities tab click Import and choose /usr/local/share/ca-certificates/!pric/ca.crt certificate.

!pric Certificate Authority will be added to the list.

1. Go to chrome://settings/certificates in address bar.
2. In Authorities tab click Import and choose /usr/local/share/ca-certificates/!pric/ca.crt certificate.

org-!pric Certificate Authority will be added to the list.

• macOS system store
• Linux system store
  • update-ca-trust (RHEL, CentOS, Fedora) or
  • update-ca-certificates (Ubuntu, Debian, OpenSUSE, SLES)

By default !pric creates certificate for the following domain names:

• localhost
• test.localhost
• *.test.localhost (wildcard)

This list could be changed in ./openssl.dns.cnf file (!pric creates missing config file on start).

Run web development server on 4000 port and try to access it via cURL:

$ curl -v https://localhost:4000

* Rebuilt URL to: https://localhost:4000/
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 4000 (#0)
* found 150 certificates in /etc/ssl/certs/ca-certificates.crt
* found 602 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
* 	 server certificate verification OK
* 	 server certificate status verification SKIPPED
* 	 common name: localhost (matched)
* 	 server certificate expiration date OK
* 	 server certificate activation date OK
* 	 certificate public key: RSA
* 	 certificate version: #3
* 	 subject: O=!pric,CN=localhost
* 	 start date: Mon, 21 Oct 2019 00:11:45 GMT
* 	 expire date: Wed, 27 Sep 2119 00:11:45 GMT
* 	 issuer: O=!pric,CN=localhost
* 	 compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
> Host: localhost:4000
> User-Agent: curl/7.47.0
> Accept: */*

• Anton Komarev
• Dmitry Romanyuta

• !pric is open-sourced software licensed under the MIT license by Anton Komarev.
• IT Specialist Help logo image licensed under Creative Commons 3.0 by Gan Khoon Lay.